Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Crapload of SUID'ed files w/Gentoo
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
geders
Tux's lil' helper
Tux's lil' helper


Joined: 19 Jun 2002
Posts: 76
Location: Purdue

PostPosted: Sun Nov 17, 2002 10:11 pm    Post subject: Crapload of SUID'ed files w/Gentoo Reply with quote

Using this command to find all the SUID/SGID files on my system:

Code:
/usr/bin/find / -type f \( -perm -004000 -o -perm -002000 \) -exec ls -lg {} \; &2> /dev/null >suidfiles.txt


I get a ton of files listed...the first ones are normal (except for some reason Mahjong has the SUID bit turned on??) but what concerns me the most are the hundreds of files (900 actually) listed under
/var/cache/edb/dep/. What's the purpose of these files, and it seems like a potentially HUGE security problem...

Any hints?
Back to top
View user's profile Send private message
rac
Bodhisattva
Bodhisattva


Joined: 30 May 2002
Posts: 6553
Location: Japanifornia

PostPosted: Mon Nov 18, 2002 1:21 am    Post subject: Reply with quote

SGIDing directories that are written to by multiple users ensure that all files in there get that group ID, regardless of the main group ID of the individual users. I've used this trick in the past to make it so that CGIs and mailing list archivers like MHonArc can modify each others' files. Maybe that's why /var/cache/edb/dep itself is SGID wheel.
_________________
For every higher wall, there is a taller ladder
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum